Hi,
I was previously aware of a/@ping, but today I had a closer look at
<http://www.w3.org/html/wg/html5/#hyperlink0>, currently stating:
"For URIs that are HTTP URIs, the requests must be performed using the
POST method (with an empty entity body in the request). User agents must
ignore any entity bodies returned in the responses, but must, unless
otherwise specified by the user, honour the HTTP headers â€” in
particular, HTTP cookie headers. [RFC2965]"
I'd like to understand why POST was selected for that. POST is an unsafe
method, and it shouldn't be sent without the consent of the user -- in
particular not if the target is on a different server.
Thus:
- please make it default to be invalid when on a different server, and
- choose a safe HTTP method, such as GET/HEAD (and yes, caching can be
disabled through Cache-Control).
The spec continues with:
"When the ping attribute is present, user agents should clearly
indicate to the user that following the hyperlink will also cause
secondary requests to be sent in the background, possibly including
listing the actual target URIs."
This is good, but it's probably not clear enough -- at least FF3 is
ignoring this.
Best regards, Julian